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REMARKS 

Introduction 

Claims 1-8 were pending. Claims 1, 6, and 9 are independent. Claims 9-12 have 
been added. Claims 1 and 6 have been amended herein. 

Rejections under 35 U.S.C. § 102(b) 

Claims 1-8 stand rejected under 35 U.S.C. 102(e) as being unpatentable over U.S. 
Patent No. 6,775,783 (Trostle). 

Trostle describes a system, method and apparatus for limiting access by a user to 
a networked application or service. Access to network security credentials that allow a user to 
authenticate to application servers is accomplished by storing the user's credentials in memory 
that is only accessible by a local security authority (LSA). A secret associated with each 
credential is stored in a secret file which is accessible only by the associated user. When this 
secret is passed to the LSA by the user, the LSA passes back a handle to the appropriate 
credential, which the user can later use to obtain authentication information. Thus, to access a 
credential, a user must conform with the file system access control to first access the secret, then 
conform with the LSA access control to obtain the credential handle. 

In contrast to the method described by Trostle, the claimed invention as recited in 
amended independent claims 1 and 6 of the present application describe a method and a system 
configured to execute steps of receiving a request to access a store from a first process initiated 
by a requester; initiating a second process responsive to said store access request, wherein data 
generated by said second process is accessible to said first process but inaccessible to the 
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requester; changing a context of said second process to the user id of said store; providing said 
store with an exclusive user id; said second process receiving tokenized credentials from said 
first process responsive to said request; said second process performing a lookup of said 
tokenized credentials; said second process passing a user id and password associated with said 
store to said first process if said tokenized credentials are recognized; communicating between 
said first process and said store via private communications channels, said communications 
channels being inaccessible to the requester; and said first process obtaining data from said store 
via said private communications channels responsive to said store access request using said user 
id and password associated with said store . 

Trostle does not describe or teach that data generated by said second process is accessible 
to said first process but inaccessible to the requester. The random secret of Trostle can be 
generated by the LSA process, which is accessible through a file to the user (See column 6, lines 
15-17). A credential handle is passed back from the LSA (corresponding to a second process) to 
the login process (corresponding to a first process) which is used by the login process to obtain 
authentication information from a security server (corresponding to a third process). The 
credential handle is then passed from the user login process to the LSA process. The LSA 
process then finds the credentials associated with the credential handle and then sends the 
credentials to the security server. Note that the credential handle is not the credentials 
themselves and is also distinct from the authentication information passed from the security 
server to the login program. The second process of the present invention does not pass back a 
credential handle or the credentials themselves to the user process (the first process), and a third 
process (the security server) passes the authentication information back to the login process, 
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while in the present invention, the second process sends back the direct authentication 
information (a user id and password associated with said data store) to the user process. Finally, 
Trostle is agnostic as to the nature of communication between the login process and the 
application client, whereas the present invention specifies that the communication channels 
between the first process and the data store are private communications channels which are 
inaccessible to the requester. 

Accordingly, Applicants submit that Trostle does not disclose or teach the 
invention recited by amended claims 1 and 6 of the present application. Claims 2-5 ultimately 
depend from claim 1, and claims 7 and 8 ultimately depend from claim 6. Since claims 1 and 6 
have been shown to be patentable, the claims depending therefrom are likewise deemed to be 
patentable, for at least the reasons described above with respect to the patentability of claims 1 
and 6. Accordingly, Applicants respectfully request withdrawal of the 35 U.S.C. § 102(e) 
rejection of claims 1-8. 

New independent claim 9 contains all of the limitations of claim 1, with additional 
limitation specific to a UNIX implementation of the present invention. For instance, Trostle 
does not disclose executing a shell script which creates a data stream containing a tokenized user 
id and password, the tokenized user id and password being used as the credentials which the 
second process searches for in a credential store which is distinct from the store being accessed 
by the user process (first process). There is no mention in Trsotle of creating and using a 
datastream to communicated between the user process and the LSA. There is no mention in 
Trostle of the second process (LSA) changing its use rid to an effective user id which matches 
the user id of the data store, said effective user id being different from said user id of the 
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requestor. There is no mention in Trestle of the first process (logon process) requesting data 
from the data store on a sending inter-process pipe and receiving the data from the data store on a 
separate receiving inter-process pipe. 

Thus for the reasons outlined for amended independent claim 1 and the new 
reasons outlined for new independent claim 9, Applicants submit that Trestle does not disclose 
or teach the invention recited by new independent claim 9 of the present application. New 
claims 10-12 ultimately depend from claim 9. Since claim 9 has been shown to be patentable, 
the claims depending therefrom are likewise deemed to be patentable. 

Thus, applicants submit that each of the claims of the present application are 
patentable over each of the references of record, either taken alone, or in any proposed 
hypothetical combination. Accordingly, withdrawal of the rejections to the claims is respectfully 
requested. 
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Conclusion 

In view of the above remarks, reconsideration and allowance of the present 
application is respectfully requested. No fee is believed to be due in connection with this 
Amendment. If, however, any fees are deemed necessary for this Amendment to be entered and 
considered by the Examiner, then the Commissioner is authorized to charge such fee to Deposit 
Account No. 50-1358. Applicant's undersigned patent agent may be reached by telephone at 
(973) 597-2500. All correspondence should continue to be directed to our address listed below. 



Respectfully submitted, 
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Patent Agent for Applicant 
Registration No. 53,836 
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